package com.xj.util;

import java.io.File;
import java.io.IOException;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

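public class FilePathUtil {

	/**
	 * Allowlist for canonical paths of the form {@code d:\myapp\temp\<file name>}
	 * (either slash style, case-insensitive). The file name is 1 to 20 characters
	 * drawn from {@code \w} (letters, digits, underscore), whitespace, period and
	 * dash. No further separator is permitted, so sub-directories are rejected.
	 *
	 * NOTE(review): the base directory is hard-coded and looks like a sample
	 * value; confirm it matches the directory the application actually serves.
	 */
	private static final Pattern ALLOWED_PATH = Pattern.compile(
			"d:(\\\\|/)myapp(\\\\|/)temp(\\\\|/)(\\w|\\s|\\.|-){1,20}",
			Pattern.CASE_INSENSITIVE);

	/**
	 * Validates a file path against the allowlist to guard against absolute
	 * path traversal.
	 *
	 * The check runs on the canonical path, so {@code .} and {@code ..}
	 * segments are resolved before matching, and the whole path must match the
	 * pattern rather than merely contain it.
	 *
	 * @param file the file whose location is to be checked; {@code null} is rejected
	 * @return {@code true} only if the canonical path matches the allowlist,
	 *         {@code false} otherwise
	 * @throws IOException if the canonical path cannot be resolved
	 * @throws SecurityException if a security manager denies access to the path
	 */
	public static boolean validateFileName(File file) throws IOException, SecurityException {
		// Fail closed: a missing file reference is never a valid path.
		if (file == null) {
			return false;
		}
		Matcher m = ALLOWED_PATH.matcher(file.getCanonicalPath());
		// The match result IS the verdict. Returning true on a mismatch would
		// accept every path and leave callers with no traversal protection.
		return m.matches();
	}
}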
